DFIQ is a collection of investigative questions and the approaches for answering them

A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization,…

This project is aimed at freely providing technical guides on various hacking topics.

Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.

Web application to create indexes for GIAC certification examinations.

Incident Response Methodologies 2022

A collection of tools, scripts and personal research

Red Teaming Tactics and Techniques

An effort to comprehensively document eBPF

A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

Microsoft Logic Apps flows

Library and tools to access the Windows New Technology File System (NTFS)

Windows Registry Knowledge Base

Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!

Windows Event Log Knowledge Base